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DETAILED ACTION 

1 . This action is responsive to communication: application filed 06 December 2001 with 
continuing data of a PCT filed on 22 December 2000 and a foreign application filed on 

14 January 2000, 

2. Claims 1-50 are currently pending in this application. Claim 1, 5, 7, 8, 10, 1 1, 15, 17, 18, 
20, 21, 23, 24, 26, 27, 29, 30, 31, 32, 45, 46, 47, and 48 are independent claims. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for 
patent or (2) a patent granted on an application for patent by another filed in the United 
States before the invention by the applicant for patent, except that an international 
application filed under the treaty defined in section 351(a) shall have the effects for 
purposes of this subsection of an application filed in the United States only if the 
international application designated the United States and was published under Article 
21 (2) of such treaty in the English language 

4. Claims 1-7, 11-17, 21-23, 27-29, 33, 35, 37, 39, and 41-44, are rejected under 

35 U.S.C. 102(e) as being anticipated by Markham U.S. Patent No. 5,796,836 (hereinafter '836). 

As to independent claim 21, "An encrypting apparatus encrypting plaintext data M 
including plaintext block data M, (i = 1, 2, 3, .♦.) and plaintext data N including plaintext, 
block data N, (j = 1, 2, 3, ...), the encrypting apparatus comprising:" is taught in '836 col. 3, 
lines 35-67; 
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"a mechanism for receiving a request to encrypt the plaintext data Nl during 
encrypting process of the plaintext data M before completion of the encrypting process of 
the plaintext data M" is shown in £ 836 col. 7, lines 21-29; 

"an encrypting module for outputting encrypted data as module output block data 
TV' is disclosed in £ 836 col. 7 5 lines 7-12; 

"a feedback loop for feeding back the module output block data T, output from the 
encrypting module to the encrypting module through a feedback line" is taught in '836 
col. 7, lines 13-20; 

"a memory, provided in parallel with the feedback line of the feedback loop fur 
receiving the request to encrypt, the plaintext data N, and storing the module output block 
data T, fed back when the plaintext block data Mi is not encrypted subsequent to the 
plaintext block data Mi so that an encrypting process of any plaintext block data of the 
plaintext data N is started; and" is shown in '836 col. 8, lines 14-67; 

"a selector for selecting and supplying the module output block data T i? fed back 
through the feedback line of the feed back loop to the feedback loop in case that the 
plaintext block data M i+ i, is encrypted subsequent to the plaintext block data Tj and for 
selecting and supplying the module output block Tj, stored in the memory to the feedback 
loop in case that the plaintext block data M i+ i is not encrypted subsequent to the plaintext 
block data Mi and the plaintext block data Mi+i is encrypted after any of plaintext block 
data of the plaintext data N is encrypted" is disclosed in '836 col. 12, lines 1-67. 

As to dependent claim 22, "wherein the memory includes: plural registers 
corresponding to plural pieces ^/plaintext data" is taught in '836 col. 13, lines 1-8; 
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"and a switch switching registers corresponding to the plaintext data to be 
encrypted" is shown in '836 col. 8, lines 17-58. 

As to independent claim 5, this claim contains substantially similar subject matter as 
independent claim 21; therefore it is rejected along the same rationale. 

As to dependent claim 6, this claim contains substantially similar subject matter as 
claim 22; therefore it is rejected along the same rationale. 

As to independent claim 23, "An encrypting method comprising the steps of: 
encrypting plaintext block data Mi (i = 1, 2, 3, ...) of first plaintext data M using ciphertext 
block data Tj (i = 1, 2, 3, .,.) output from an encrypting module" is taught in '836 col. 7, 
lines 13-20; 

"storing ciphertext block data Ti to be used for encrypting plaintext block data Mh-i 
of the first plaintext data M in a memory during or after encrypting process; of the 
plaintext block data M" is shown in '836 col. 8, lines 14-67; 

"encrypting at least one plaintext block data of second plaintext data N after storing 
the ciphertext block data Ti to be used for encrypting the plaintext block data Mj+i in the 
memory" is disclosed in '836 col. 12, lines 1-67; 

"and inputting the module output block data Ti to be used for encrypting the 
plaintext block data Mi+i stored in the memory after encrypting the at least one plaintext 
block data of the second plaintext data N and encrypting the plaintext block data Mi of the 
first plaintext data M using the encrypting module" is taught in '836 col. 7, lines 21-38. 

As to independent claim 7, this claim contains substantially similar subject matter as 
independent claim 23; therefore it is rejected along the same rationale. 
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As to independent claim 1, ""An encrypting apparatus encrypting first processing 
data and second processing data comprising: a memory for storing status of encrypting 
process" is taught in '836 col. 3, lines 35-67; 

"wherein the encrypting apparatus starts encrypting process of the second 
processing data before encrypting process of the first processing data is completed, the 
encrypting apparatus makes the memory store the status of encrypting process of the first 
processing data when the encrypting apparatus starts encrypting process of the second 
processing data, the encrypting apparatus returns the status of the encrypting process of 
the encrypting apparatus to the status of the encrypting process of the first processing data 
stored in tile memory when the encrypting apparatus restarts encrypting the first 
processing data, and the encrypting apparatus restarts encrypting process of the first 
processing data" is shown in '836 col. 7 5 lines 13-37. 

As to dependent claim 2, "wherein the encrypting apparatus restarts encrypting 
process of the first processing data before encrypting process of the second processing data 
is completed, the memory stores the status of encrypting process of the second processing 
data when the encrypting apparatus restarts encrypting process of the first processing data, 
the encrypting apparatus returns the status of the encrypting process of the encrypting 
apparatus to the status of the encrypting process of the second processing data stored in the 
memory when the encrypting apparatus restarts encrypting process of the second 
processing data, and the encrypting apparatus restarts encrypting process of the second 
processing data" is disclosed in '836 col. 12, lines 1-67. 
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As to dependent claim 3, "wherein the first processing data is first plaintext data 
and the second processing data is second plaintext data' 5 is taught in c 836 col. 7, lines 21-37. 

As to dependent claim 4, "the encrypting apparatus starts encrypting process of the 
second processing data by an interrupt" is shown in '836, col. 12, line 59 through col. 13, 
line 9. 

As to dependent claim 41, "wherein the encrypting process is performed using 
block cipher algorithm" is disclosed in '836 col. 5, lines 25-35. 

As to dependent claim 43, "wherein the memory stores an intermediate encrypting 
result of the first processing data and an encryption key to be used for encrypting the first 
processing data as the status of the encrypting process" is taught in "836, col. 12, line 59 
through col. 13, line 9. 

As to independent claim 11, "A decrypting apparatus decrypting first processing 
data and second processing data comprising a memory for storing a status of a decrypting 
process" is taught in c 836 col. 3, lines 35-67 and '836 col. 9, lines 30-33; 

"and wherein the decrypting apparatus starts the decrypting process of the second 
processing data before the decrypting process of the first processing data is completed, the 
decrypting apparatus makes the memory store the status of the decrypting process of the 
first processing data when the decrypting process of the second processing data is started, 
and the decrypting apparatus returns the status of the decrypting process of the decrypting 
apparatus to the status of the decrypting process of the first processing data stored in the 
memory when the decrypting process of the first processing data is restarted, and the 
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decrypting apparatus restarts the decrypting process of the first processing data" is shown 
in £ 836 col. 7, lines 13-37. 

As to dependent claims 12-14, 42, and 44, these claims contain substantially similar 
subject matter as claims 2-4, 41 3 and 43; therefore they are rejected along similar rationale. 

As to independent claim 15, "A decrypting apparatus decrypting ciphertext block 
data C, (i = 1, 2, 3, ...) included in ciphertext data C and ciphertext block data Dj (j = 1, 2, 3, 
...) included in ciphertext data D, the decrypting apparatus comprising" is taught in c 836 
col. 3, lines 35-67 and col. 9, lines 30-33; 

"a mechanism for receiving a request to decrypt the ciphertext data D at an 
arbitrary timing during a decrypting process of the ciphertext data C; is shown in '836 
col. 7, lines 21-29; 

"a decrypting unit for performing the decrypting process of the ciphertext block 
data C, to output plaintext block data Mi" is disclosed in c 836 col. 7, lines 7-12; 

"a feedback loop for feeding back the ciphertext block data Ci to be used for 
decrypting ciphertext block data Q+i to the decrypting unit through feedback line" is 
taught in '836 col. 7, lines 13-20; 

"a memory, provided in parallel with the feedback line of the feedback loop, for 
receiving the request to decrypt the ciphertext data D and storing the ciphertext block data 
Ci fed back when the ciphertext block data Q+i is not decrypted subsequent to the 
ciphertext block data Ci so that the decrypting; process of any of ciphertext block data of 
the ciphertext data D is started; and" is shown in '836 col. 8, lines 14-67; 
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"a selector for selecting and supplying the ciphertext block data Q fed back from 
the feedback line of the feedback loop in case that the ciphertext block data Q+i is 
decrypted subsequent to the ciphertext block data Q and for selecting, and supplying the 
ciphertext block data Q stored in the memory in case that the ciphertext block data Q+i is 
not decrypted subsequent to the ciphertext block data Ci and the ciphertext block data Chi 
is decrypted after any of the ciphertext block data of the ciphertext data D is decrypted" is 
disclosed in '836 col. 12, lines 1-67. 

As to dependent claim 16, this claim is substantially similar to dependent claim 22; 
therefore it is rejected along the same rationale. 

As to independent claim 17, "A decrypting method comprising the steps of: 
decrypting plaintext block data Q (i = 1, 2, 3, ...) of first plaintext data C using a decrypting 
module" is taught in '836 col. 7, lines 13-20 and '836 col. 9, lines 30-33; 

"storing ciphertext block data Q to be used for decrypting plaintext block data Q+i 
of the first plaintext data M in a memory during or after decrypting process; of the 
plaintext block data Q" is shown in '836 col. 8, lines 14-67; 

"decrypting at least one plaintext block data of second plaintext data D after storing 
the ciphertext block data Q to be used for decrypting the plaintext block data CW is 
disclosed in '836 col. 12, lines 1-67; 

"and inputting the ciphertext block data Q to be used for decrypting the ciphertext 
block data Ch-i stored in the memory after decrypting the at least one ciphertext block 
data of the ciphertext block data of the ciphertext data D and decrypting the ciphertext 
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block data Cj+i of the first ciphertext data C using the decrypting module 55 is taught in '836 
col. 7, lines 21-38. 

As to independent claim 29, "A decrypting method comprising steps of: decrypting 
ciphertext block data Q (i = 1, 2, 3, ...) of first ciphertext data C using module output block 
data Tj (i = 1, 2, 3, .,.) output from a decrypting module 55 is taught in £ 836 col. 7, lines 13-20 
and '836 col. 9, lines 30-33; 

"storing nodule output block data Ti to be used for decrypting ciphertext block data 
Cj+i of the first ciphertext data G in a memory during or after a decrypting process of the 
ciphertext block data Q" is shown in '836 col. 8, lines 14-67; 

"decrypting, at least one ciphertext block data of second ciphertext data D after 
storing the module output block data Tj to be used for decrypting the ciphertext block data 
Cj+i in the memory; and 55 is disclosed in c 836 col. 12, lines 1-67; 

"decrypting the ciphertext block data Q+i of the first ciphertext data C using the 
decrypting module by inputting the module output, block data Ti to be used for the 
ciphertext block data Q+i stored in the memory after decrypting the at least one ciphertext 
block data of the second ciphertext data D" is taught in '836 col. 7, lines 21-38. 

As to independent claim 27, this claim is directed to the apparatus of the method of 
claim 29; therefore it is rejected along the same rationale. 

As to dependent claim 28, " wherein the memory includes: plural registers 
corresponding to plural cipphertext data 55 is taught in '836 col. 13, lines 1-8; 

"and a switch for switching the plural registers corresponding to the ciphertext data 
to be decrypted" is shown in '836 col. 8, lines 17-58. 
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As to dependent claims 33, 35, 37, and 39, these claims are directed to a computer readable 
medium of the previously identified claims; therefore they are rejected along the same rationale. 
5. Claims 45-50, are rejected under 35 U.S.C. 102(e) as being anticipated by 
Jakubowski et al. U.S. Patent No. 6,226,742 (hereinafter '742). 

As to independent claim 47, "An encrypting method comprising: an encrypting step 
for inputting data to encrypt and outputting encrypted data" is taught in '742 col. 5, 
lines 51-65; 

"and a M AC generating step for inputting the encrypted data output from the 
encrypting step and generating a MAC for ensuring an integrity of the encrypted data" is 
shown in '742 col. 9, lines 34-59; 

"and wherein the MAC generating step starts generating the MAC before 
completion of encrypting the data by the encrypting step" is disclosed in '742 col. 9, 
lines 4-33. 

As to independent claim 48, "A decrypting method comprising: a decrypting step 
for inputting data to decrypt and outputting decrypted data" is taught in c 742 col. 5, line 66 
through col. 6, line 13; 

"and a MAC generating step for inputting the decrypted data output from the 
decrypting step and generating a MAC for ensuring an integrity of the encrypted data" is 
shown in '742 col. 9, lines 34-59; 

"and wherein the MAC generating step starts generating the MAC before 
completion of decrypting the data by the decrypting step" is disclosed in '742 col. 9, 
lines 4-33. 



Application/Control Number: 09/936,570 Page 11 

Art Unit: 2134 

As to dependent claim 49, "A computer readable storage medium storing a 
program for having a computer execute steps for the encrypting method described in 
claim 47" is taught in c 742 col. 8, lines 63-67. 

As to dependent claim 50, "A computer readable storage medium storing a 
program for having a computer execute steps for the decrypting method described in 
claim 48" is shown in c 742 col. 8, lines 63-67. 

As to independent claim 45, this claim is directed to the apparatus of claim 47; 
therefore it is rejected along the same rationale. 

As to independent claim 46, this claim is directed to the apparatus of claim 48; 
therefore it is rejected along the same rationale. 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

7. Claims 8-10, 18-20, 24-26, 30-32, 34,36,38, and 40 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Markham U.S. Patent No. 5,796,836 (hereinafter '836) in further 
view of Jakubowski et al. U.S. Patent No. 6,226,742 (hereinafter '742). 

As to dependent claim 10, "An encrypting method for encrypting plaintext, data 
including at least one plaintext block data into ciphertext data using an encrypting unit" is 
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taught in 'S36 col. 3, lines 35-67 "The present invention provides a system and method for 
decoupling encrypting of one plain text block from the encryption of the next plain text block" 

"an encrypting step, including a first feedback step for feeding back 
ciphertext block data Q output from the encrypting unit when the encrypting 
unit encrypts plaintext block data, inputting the plaintext block data, 
performing an encrypting process by feeding back the ciphertext block data 
Ci through a first feedback loop, and outputting a ciphertext block data" is shown in £ 836 
col. 7, lines 7-20 "As an example, consider the cipher feedback mode embodiment shown in 
FIG. 4. The mode shown uses three enencryption device modules 52. 1-3 . Each encryption 
device module 52 includes a codebook module 32, an output register 54, and an encryption 
module"; 

the following is not taught in c 836: 

"and generating a message authentication code (MAC) to ensure an integrity of the 
ciphertext data, the encrypting method comprising:" however '746 teaches "The encrypted 
MAC is advantageously extended throughout the remainder of the ciphertext message. The 
encrypted MAC is then inserted into the ciphertext message as block n-1 and n" in col. 9, 
lines 51-65; 

"a MAC generating step, including a second feedback step for feeding back a 
computed intermediate MAC result, inputting the ciphertext block data whenever the 
ciphertext block data is output from the encrypting step, processing data" however '746 
teaches "Illustratively, two blocks in the intermediate bit stream, i.e., Y n -i and Y n are 
concatenated together to form a 54-bit MAC (Y n .i , Y n ) .... By chaining a plaintext message and 
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defining the MAC as a predefined protion, e.g., (Y n .i , Y n ) of the ensuing chained message, the 
MAC can be generated rather quickly and efficiently" in col. 9, lines 34-59; 

"feeding back the computed intermediate MAC result through the second feedback 
step, and generating the MAC to ensure the integrity of the ciphertext data" however '742 
teaches "Through our present invention, a plaintext message can be securely encrypted and any 
violations of the integrity of a resulting ciphertext message can readily detected by, during 
encryption generating, in response to an incoming plaintext message, and intermediate stream, 
wherein a predefined portion of the intermediate stream defines a message authentication code 
(MAC)" in col. 9, lines 4-33. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify the teachings of '836, a cipher block chaining mechanism for encryption and 
decryption to enhance the security of messages exchange. One of ordinary skill in the art would 
have been motivated to perform such a modifications because of the growth in the Internet and 
technology (see '742 col. 3, lines 24 et seq.). "Therefore, a need exists in the art for a 
cryptographic technique that not only provides an extremely high level of security against 
ci yptanalysis, particularly given the sophistication and power of current and future processing 
technology, but also is capable of detecting a change made to a ciphertext message". 

As to independent claim 8, this claim is directed to the apparatus of the method of 
claim 10; therefore it is rejected along the same rationale. 

As to dependent claim 9, "wherein the encrypting unit, and the MAC generator 
perform alternately the encrypting process and a MAC generating process by sharing one 
encrypting module and one feedback loop, and wherein the one feedback loop includes a 
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memory for respectively storing and outputting results of the encrypting process and the 
MAC generating process; and a selector for selecting alternately the results of the 
encrypting process and the MAC generating process from the memory to alternately 
perform the encrypting process kind the MAC generating process" is taught in '742 col. 14, 
lines 1-27 "FIG. 5 depicts a flowchart of Encryption procedure 500. Upon entry to this 
procedure, block 510 is first executed to calculate the value of a zero-th output block of 
intermediate stream, Y, as being equal to F(ePo) and a block counter, i, to the value one. 
Thereafter, execution enters Encryption—Forward CBC procedure 520 which, given the plaintext 
as input, computes the intermediate bit stream .through a forward cipher block chain. In 
particular, execution first proceeds to block 525 which determines for block i in the plaintext 
stream, i.e., P;, and block i-1 in the intermediate stream, i.e., Ym, the value of block i in the 
intermediate stream, Y h depending on whether the value of counter i is then even or odd, through 
the use of equation (4) or (5) above, respectively. Once the value of block Yi is so determined, 
execution proceeds to decision block 530. This decision block determines if all n+1 blocks in the 
intermediate bit stream have been generated. If any such block remains to be calculated, then 
decision block 530 routes execution, via NO path 534, to block 535. The latter block increments 
the block counter by one. Execution then loops back, via path 537, to block 525 to generate the 
value of the next block in the intermediate stream, and so forth. Alternatively, if all such blocks 
have been generated, then decision block 530 routes execution, via YES path 532, out of 
procedure 520 and to block 540". 
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As to independent claim 20, "A decrypting method decrypting ciphertext data 
including at least one ciphertext block data into plaintext data" taught in '836 col. 3, 
lines 35-67 

"and generating a message authentication code (MAC) for ensuring an integrity of 
the ciphertext data" in col. 9, lines 51-65; 

"the decrypting method comprising: a decrypting step including a first feedback 
step for feeding back module output block data T, generated at decrypting data by a 
decrypting module, inputting the ciphertext block data, decrypting the ciphertext block 
data using the module output block data T, fed back through the first feedback loop, and 
outputting plaintext block data" is shown in '836 col. 7, lines 7-20 

"a MAC generating step including a second feedback step for feeding back a 
computed intermediate MAC result, inputting ciphertext block data identical to the 
ciphertext block data input to the decrypting unit, processing the darn, outputting the 
computed intermediate MAC result" is disclosed in '742 col. 9, lines 34-59; 

"feeding back the computed intermediate MAC result by the second feedback loop, 
and generating the MAC for ensuring the integrity of ciphertext data" is taught in '742 
col. 9, lines 4-33. 

As to independent claim 18, this claim is directed to the apparatus of the method of 
claim 20; therefore it is rejected along the same rationale. 

As to dependent claim 19, "wherein the decrypting unit and the MAC generator 
share one decrypting module and one feedback loop and alternately perform a 
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decrypting process and a MAC generating process, and wherein the one feedback loop 
includes: a memory storing and outputting results of the decrypting process 
and the MAC generating process; and a selector for alternately selecting the results of the 
decrypting process and the MAC generating process to output to the decrypting module 

for alternately performing the decrypting process and the MAC generating process" is 

taught in '742 cot. 1 5, lines 15-42 C TIGS. 7A and 7B collectively depict a flowchart of 
Decryption procedure 700; the correct alignment of the drawing sheets for these figures is shown 
in FIG. 7. Upon entry to this procedure, block 705 is first executed to decrypt the encrypted 
MAC, i.e., (Y n _i', Y,,'), residing in the two highest-order blocks, i.e., C,,.i and C„, of incoming 
ciphertext message C. The decryption algorithm used is an inverse pseudo-random permutation 
of that which created the encrypted MAC". 

As to independent claim 24, this claim is directed to the apparatus of the method of 
claim 10; therefore it is rejected along similar rationale. 

As to dependent claim 25, this claim contains substantially similar subject matter as 
claim 9; therefore it is rejected along the same rationale. 

As to independent claim 26, this claim contains substantially similar subject matter as 
claim 10; therefore it is rejected along the same rationale. 

As to independent claim 30, this claim is directed to the apparatus of the method of 
claim 20; therefore it is rejected along similar rationale. 

As to dependent claim 31, this claim contains substantially similar subject matter as 
claim 19; therefore it is rejected along the same rationale. 
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As to independent claim 32, this claim contains substantially similar subject matter as 
claim 20; therefore it is rejected along the same rationale. 

As to dependent claims 34, 36, 37, and 40, these claims are directed to a computer 
readable medium of the previously identified claims; therefore they are rejected along the same 
rationale. 
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